Lucene search
K

4 matches found

EUVD
EUVD
added 2026/03/05 3:30 p.m.6 views

EUVD-2026-9818

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.7 via deserialization of untrusted input in the 'downloadcsv' function. This makes it possible for unauthenticated attackers to inject a P...

9.8CVSS6.2AI score0.00519EPSS
Exploits0References5
NVD
NVD
added 2026/03/05 1:16 p.m.11 views

CVE-2026-2599

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.7 via deserialization of untrusted input in the 'downloadcsv' function. This makes it possible for unauthenticated attackers to inject a P...

9.8CVSS0.00519EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/05 12:26 p.m.5 views

CVE-2026-2599

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.7 via deserialization of untrusted input in the 'downloadcsv' function. This makes it possible for unauthenticated attackers to inject a P...

9.8CVSS6.2AI score0.00519EPSS
Exploits0References5
CVE
CVE
added 2026/03/05 12:26 p.m.54 views

CVE-2026-2599

CVE-2026-2599 : The WordPress plugin cluster “Database for Contact Form 7, WPforms, Elementor forms” is affected by an unauthenticated PHP Object Injection via deserialization in the download_csv function (vulnerable through 1.4.7). The vulnerability alone has no impact unless a PHP Object Payloa...

9.8CVSS6.2AI score0.00519EPSS
Exploits0References4
Rows per page
Query Builder